Sonar is a security researcher's Swiss army knife for finding and exploiting vulnerabilities that require out-of-band interactions
☆21Mar 11, 2026Updated last week
Alternatives and similar repositories for sonar
Users that are interested in sonar are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Framework for blind boolean-based sql injections exploatation. Use it if sqlmap does shit.☆29Mar 26, 2022Updated 3 years ago
- PoC of using Directus as ASPM☆12May 31, 2024Updated last year
- Bundle of wordlists for brute-forcing subdomains (World + RUSSIA based).☆68Jun 16, 2018Updated 7 years ago
- A list of checks with tips for analyzing the security of Android applications☆14Nov 19, 2019Updated 6 years ago
- RSEScan is a command-line utility for interacting with the RSECloud. It allows you to fetch subdomains and IPs from certificates for a gi…☆17Jun 7, 2024Updated last year
- Jeopardy CTF platform☆12Jan 3, 2023Updated 3 years ago
- Various wordlists for bruteforce☆36Nov 9, 2021Updated 4 years ago
- ☆44Aug 5, 2022Updated 3 years ago
- ☆31Oct 7, 2023Updated 2 years ago
- Proof of Concept example for abusing Process Hacker 2 (v2.39.124)☆23Oct 30, 2024Updated last year
- Check bitrix vulnerabilities☆92Jan 22, 2024Updated 2 years ago
- Yet Another Wordlists Repo☆129Jan 6, 2022Updated 4 years ago
- A python library to interact with Pwndoc instances for pentest reports generation☆24May 19, 2025Updated 10 months ago
- 浏览器XSS 过滤器Fuzzing 框架 (browser xss aduit fuzzing framework )..☆15Sep 13, 2016Updated 9 years ago
- The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources☆139Sep 21, 2020Updated 5 years ago
- Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.☆50Mar 1, 2018Updated 8 years ago
- steal cookies from website using xss☆12Mar 25, 2020Updated 5 years ago
- API for Asset Service☆15Aug 15, 2024Updated last year
- Python utility to takeover domains vulnerable to AWS NS Takeover☆86Feb 2, 2023Updated 3 years ago
- Helps you find internship in cybersec or IT☆13Mar 29, 2022Updated 3 years ago
- SAP penetration testing Web and network cheatsheet☆17May 15, 2022Updated 3 years ago
- Dynamic Check Challenges with docker-compose for CTFd V3.4.0+.☆21Mar 26, 2022Updated 3 years ago
- [CVE-2020-14882] Oracle WebLogic Server Authenticated Remote Code Execution (RCE)☆13Nov 9, 2020Updated 5 years ago
- Bash Enumeration Script☆18Oct 18, 2019Updated 6 years ago
- This automation protect against subdomain takeover on AWS env which also send alerts on slack.☆12Aug 1, 2021Updated 4 years ago
- Security Operation Center Lab☆20Oct 8, 2024Updated last year
- Chase subdomains by parsing the results of Google and Yandex search results☆15Sep 29, 2023Updated 2 years ago
- A vulnerable application exposing Spring Boot Actuators☆123Feb 25, 2019Updated 7 years ago
- Tool for finding URLs, paths, secrets and generating raw HTTP requests and OpenApi specifications from config files and annotations used …☆245Dec 9, 2025Updated 3 months ago
- Uzbek cyrillic/latin alphabetic, upper/lower/capital-case, name/surname/patronymic wordlists (dictionaries) and their combinations☆12Aug 4, 2022Updated 3 years ago
- ☆19Jan 1, 2021Updated 5 years ago
- ☆13Aug 10, 2022Updated 3 years ago
- PoC for distributed NTP reflection DoS (CVE-2013-5211)☆10Oct 4, 2019Updated 6 years ago
- Hybrid Botnet over TOR targeting Linux machines☆11Aug 1, 2021Updated 4 years ago
- A Nuclei security scanning server based on MCP (Model Control Protocol), providing convenient vulnerability scanning services.一个基于 MCP (M…☆21Aug 24, 2025Updated 7 months ago
- GitLab CI security tools runner☆18Feb 3, 2023Updated 3 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆30Oct 21, 2025Updated 5 months ago
- ☆12Feb 4, 2025Updated last year
- AES-GEM (AES Galois Extended Mode) implementation.☆13Feb 9, 2026Updated last month